Our comments and trackback policy You Link We Follow, You Comment We Promote

Google has responded to the Gmail security flaw we highlighted earlier and has denied that cases of the sort are in no way associated to Gmail. The blog post also mentioned that most of the victims were phishing targets. Many would talk of it be the regular reasoning coming from Gmail protecting its position but I will side with them. I have come across many a phishing schemes that are always throwing in the baits to fish out careless internet users. About the last years domain theft issue, the blog post responded by s stating:

Several news stories referenced a domain theft from December 2007 that was incorrectly linked to a Gmail CSRF vulnerability. We did have a Gmail CSRF bug reported to us in September 2007 that we fixed worldwide within 24 hours of private disclosure of the bug details. Neither this bug nor any other Gmail bug was involved in the December 2007 domain theft.